DMXzone Server Connect Manual

November 23, 2015
Filtering a Database Query Using the Identity of the Logged In User
Filtering a Database Query Using the Identity of the Logged In User

With this movie we will show you how to filter a database query, using the logged in user ID.

Step by Step

We will show you how to filter a database query, using the logged-in user ID. We created a simple database query, which displays users details on the page. We'd like to filter this information, based on the identity of the user that is logged in. First, we need a log in page. We already created a simple log in page, containing a form with a username field a password field and a submit button. The form method is set to post. The first thing, we need to do is, to create a log in server action. Click the new server action button. And add a name for your server action. We call it log in (1). Then, click globals (2). And link your log in page (3).

Then, select the log in form, from the dropdown and click the import button (1). You can see the log in form fields, imported under post (2).

Now, right click the log in action steps. And add a database connection (1). We've already created a database connection, so we select it from the menu (2).

Right click the database connection step. And under security provider select add security provider (1). Then add a name for it. Open the type menu. And select database (2). Click the provider options button (3). And setup, the database users source (4). Click the ok button, when you are done.

Then, it is very important to click the ink button. This way, the security provider, that we've just created, will be accessible for all of your server actions. Click yes in the confirmation dialog.

Now, right click the security provider, that we've created. And select - add security log in (1). Link username and password fields to your form fields. Select the server data bindings button, for each of them, in order to do that (2). Then, under Globals post you will see the linked form fields. Select the proper field for the username (3). And click select.

Do the same for the password.

And bind the log in step, to your security provider (1). Save your server action (2). Now, on the log in page, select the server connect action executors (3). And add a new executor. Add a name for it (4). Select run on form submit. Then, open the server action dropdown. And select the log in server action. Open the bind to form dropdown. And select your log in form. Set the method to post (5).

Open behaviors. Select the on success event (1). Then select the go to URL behavior, and add it to the selected event (2).

Click the browse button.

And select the page, where you want the users to be redirected after they log in successfully.

Click the OK button, when you are done. And click the ok button, in order to apply this behavior. Click OK and we are done setting up the log in action. Now, let's switch to our users details page. Open the server action, containing the query, used on this page (1). And right click the database connection step. Then select add security provider (2). Click the load from button. And select the security provider, that we've created and linked, in the log in action (3).

Now, right click the security provider step. And select - add security restrict in order to protect your database query.

Select your security provider. We've not set up any special permissions, so we leave this option to - all logged in. Now, as our query is protected, and is only accessible to the logged in users, let's add a filter to it. Select your query (1). Click the query options button (2). And open the Filters tab (3). Select the database field, that you want to filter, and add it to the filters list (4). Select equals to. And click the server data bindings icon, for the filter value.

Then, select the Identity, provided by the security provider step. This is the identity of the logged in user. click the select button.

Click the OK button, when you are done. Do not forget to save your server action (1). We are almost done setting up our page. The only thing left is to setup the log out action and attach it to a log out link or button. Click the add new server action button. And name it - log out (2).

And name it - log out (1). Then, right click steps (2). And add security provider. Load the security provider, that we've created and linked earlier (3). Then, right click the security provider step. And add security log out (4).

Save your server action (1). Then, select server connect action executors, and create a new executor (2). Add a name for it (3). And select to never auto run it. Bind it to the log out server action. And set the method to post (4). Open the options tab (5). Click behaviors (6).

Select on success event (1). And bind the go to URL behavior to it (2). Select a page, where the users should be redirected after they log out. Click OK Then click OK again. And once again, in oder to apply the server action executor.

Now, click your log out button or link. Open the behaviors panel.

And click the add new behavior button (1). Under DMXzone select control DMXzone Server Connect Action Executor. Select to run the log out action executor (2). And click OK.

Now, let's preview the results. We enter our log in details and click the log in button. You can see that the script redirects us to the index page, where we can see the logged in user details. That's how easy it is to filter database query, using the identity of the logged in user.